DNS queries to suspicious URLs observed originating from devices running SEP Mobile

Article ID: 263160

Products

Endpoint Protection Mobile

Issue/Introduction

During inspection of outbound network traffic, devices running the SEP Mobile app are sometimes observed sending DNS queries to URLs regarded as suspicious or malicious.

Cause

These requests are expected. The SEP Mobile app sends these DNS queries to help create a map of command and control server addresses, and this data is then used as part of SEP Mobile's protection against "Communication with Malicious Command and Control Servers".

Resolution

As noted, this is expected behavior. The DNS queries themselves do not represent any security risk, and actually help to protect devices running the SEP Mobile app.

Assuming the traffic observed to the suspicious URLs is limited to the outbound DNS queries, no additional action is necessary.
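
One way to check the condition above, that a device's traffic to the suspicious names stops at the DNS query, is to correlate DNS answers with later connections from the same device. The following is an added example, not Broadcom or SEP Mobile code; the log layouts, names, addresses and the 300-second correlation window are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data. The tuple layouts are assumptions for this
# example, not a SEP Mobile or firewall export format.
SUSPICIOUS = {"c2-a.example", "c2-b.example"}
DNS_LOG = [  # (epoch_seconds, device_ip, queried_name, answer_ips)
    (1000, "10.0.0.5", "c2-a.example.", ["203.0.113.10"]),
    (1005, "10.0.0.5", "beacon.C2-B.example", ["203.0.113.20"]),
    (1010, "10.0.0.7", "c2-a.example", ["203.0.113.10"]),
    (1020, "10.0.0.7", "intranet.example", ["192.0.2.8"]),
]
FLOW_LOG = [  # (epoch_seconds, src_ip, dst_ip, dst_port, proto)
    (1000, "10.0.0.5", "10.0.0.1", 53, "udp"),       # query to the resolver
    (1012, "10.0.0.7", "203.0.113.10", 443, "tcp"),  # follow-up connection
    (1021, "10.0.0.7", "192.0.2.8", 443, "tcp"),     # unrelated traffic
    (5000, "10.0.0.5", "203.0.113.10", 443, "tcp"),  # outside the window
]


def is_suspicious(name, suspicious):
    """Match a listed name itself or any subdomain of it."""
    name = name.rstrip(".").lower()
    return any(name == s or name.endswith("." + s) for s in suspicious)


def follow_up_flows(dns_log, flow_log, suspicious, window=300):
    """Map each device that queried a suspicious name to the flows it opened,
    within `window` seconds, to an address answered for that name ([] = DNS only)."""
    resolved = defaultdict(lambda: defaultdict(list))  # device -> ip -> [(name, time)]
    for ts, device, name, answers in dns_log:
        name = name.rstrip(".").lower()
        if is_suspicious(name, suspicious):
            resolved[device]  # register the device even if the answer was empty
            for ip in answers:
                resolved[device][ip].append((name, ts))
    findings = {device: [] for device in resolved}
    for ts, src, dst, port, proto in flow_log:
        for name, asked in resolved.get(src, {}).get(dst, []):
            if 0 <= ts - asked <= window:
                findings[src].append((name, dst, port, proto))
                break
    return findings


if __name__ == "__main__":
    for device, flows in sorted(follow_up_flows(DNS_LOG, FLOW_LOG, SUSPICIOUS).items()):
        print(device, "DNS only" if not flows else f"follow-up traffic: {flows}")
```

A device with an empty list matches the expected behavior described in this article; a device with entries has traffic beyond the DNS queries and falls outside it.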